HackTheBox - Buff
0. Preface
Due to Windows Defender/AMSI, we are now having to mask malicious PowerShell scripts, even though they were uploaded using IEX. I also spent quite a bit of time experimenting with different buffer overflow PoCs, but eventually got the right one.
In this box, we will be tackling:
- Careful reading and exploiting a web application for RCE
- Masking malicious PowerShell scripts to get past Windows AMSI
- BUFFer overflow on CloudMe
HackTheBox - Tabby
0. Preface
This is the first box I have ever done on HackTheBox. This write-up is also one of the very first I've written. This is a very interesting box, especially the root privilege escalation.
In this box, we will be tackling:
- LFI
- Using Tomcat's manager-script via curl commands to upload an exploit
- Exploiting the laziness of system administrators
- Using LXD to get root
VulnHub - Relevant 1
0. Preface
This is a pretty fun box, which has you enumerating a WordPress site without using the usual wpscan. Turns out, nmap has some pretty useful scripts that can be used to enumerate certain common services too!
In this box, we will be tackling:
- Enumerating WordPress Plugins with nmap.
- Exploiting RCE with WordPress File Manager.
- Elevating privileges using Node.js.